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REMARKS 

Claims 1 and 3-20 are currently pending in the subject application, and are presently 
under consideration. Claim 1 has been amended to correct minor informalities. The amendment 
to claim 1 is not intended to limit claim 1 in any manner. Claims 1 and 3-20 are rejected. 
Favorable reconsideration of the application is requested in view of the comments herein. 

I. Rejection of Claims 1 and 3-20 Under 35 U.S.C. §103(a) 

Claims 1 and 3-20 stand rejected under 35 U.S.C. §103(a) as being unpatentable over 
U.S. Publication No. 2003/0005291 to Burn ("Burn") and further in view of U.S. Patent No. 
6,490,367 to Carlsson, et al. ("Carlsson"). Withdrawal of this rejection is respectfully requested 
for at least the following reasons. 

Claim 1 recites a token issuance and binding process comprising providing a plurality of 
tokens, each token having a unique ED number stored therein and generating a unique 
public/private key pair for each token. Claim 1 also recites storing each token ID number and 
corresponding public key in a directory/database and storing each private key in its respective 
token. Claim 1 further recites binding a unique ED number of a user to a corresponding one the 
plurality of tokens by storing the correspondence there between in the directory/database. Claim 
1 still further recites reviewing, by a Tokenizing Officer, credentials of the user and forwarding 
the user ID number and the token ID number to a certificate management system (CMS) along 
with an electronic form request and a signature of the Tokenizing Officer, wherein the 
Tokenizing Officer comprises a person. 

The Examiner contends that Burn in view of Carlsson makes claim 1 obvious. 
Applicant's representative respectfully disagrees. In rejecting claim 1, the Examiner admits that 
the Burn does not teach or suggest reviewing, by a Tokenizing Officer, credentials of the user 
and forwarding the user ID number and the token ED number to a CMS along with an electronic 
form request and a signature of the Tokenizing Officer, wherein the Tokenizing Officer 
comprises a person, as recited in claim 1. However, the Examiner contends that Carlsson makes 
up for the deficiencies of Burn. Specifically, the Examiner contends that the certificate issuing 
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process disclosed in Carlsson reads on the reviewing and forwarding performed by the 
Tokenizing Officer recited in claim 1 (See Office Action, Page 3, citing CoL 8, Lines 12-51 of 
Carlsson). Applicant's representative respectfully disagrees with the Examiner's contention. 
Carlsson discloses that an administrator uses a certificate authority (CA) terminal to complete a 
form with user information and validity periods which are required in order to create a certificate 
(See Carlsson, Col. 8, Lines 27-30). Carlsson also discloses that a card can be personalized, and 
that card personalization involves adding a certificate and a user's private key to the card. 
However, Carlsson does not teach or suggest a Tokenizing Officer forwarding a user ID number 
and a token ID number to a CMS, as recited in claim 1 . In fact, nothing in Carlsson discloses 
that the cards even contain a token ID number, or some other kind of unique identifier. 
Accordingly, taken individually or in combination, Burn and Carlsson fail to teach or suggest 
reviewing, by a Tokenizing Officer, credentials of the user and forwarding the user ID number 
and the token ID number to a CMS system along with an electronic form request and a signature 
of the Tokenizing Officer, wherein the Tokenizing Officer comprises a person, as recited in 
claim 1. Thus, Burn taken in view of Carlsson does not teach or suggest each and every element 
of claim 1 . Therefore, Burn taken in view of Carlsson does not make claim 1 obvious, and thus, 
claim 1 should be patentable over the cited art. 

Claims 3-11 depend either directly or indirectly from claim 1, and are not made obvious 
by the cited art for at least the same reasons as claim 1, and for the specific elements recited 
therein. Accordingly, claims 3-11 should be patentable over the cited art. 

Additionally, regarding claim 3, Applicant's representative agrees that Burn does not 
teach or suggest that binding comprises a CMS checking for redundant tokens and revoking any 
such tokens, as recited in claim 3. However, the Examiner contends that Carlsson makes up for 
the deficiencies of Burn. In rejecting claim 3, the Examiner contends that Carlsson discloses 
revoking tokens of individuals when their role has changed in order to do away with redundant 
certificates (See Office Action Page 4). However, the Examiner has not cited (nor can 
Applicant's representative find) any part of Carlsson that discloses what the Examiner contends. 
The only part of Carlsson cited in the rejection of claim 3 is Carlsson's disclosure of its 
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certificate revocation procedure (See Office Action, Page 4, Citing Carlsson, Col. 9, lines 14-20). 
Carlsson discloses that a certificate can be revoked when a user has died, has been found to be 
unreliable or his/her role has changed (See Col. 9, Lines 14-17). However, the process cited in 
claim 3 ensures that a user possesses, at most, one token. Nothing in Carlsson teaches or 
suggests limiting the number of personalized cards that any one user can possess. Therefore, 
taken individually, or in combination, Burn and Carlsson fail to teach or suggest each and every 
element of claim 3. 

Claim 1 1 recites a public key infrastructure system comprising a plurality of tokens, each 
token having a unique ID number stored therein, and a CMS facility including a first interface to 
read data from the plurality of tokens and to write data to the plurality of tokens and including a 
directory/database. Claim 1 1 also recites a badging facility including a terminal operatively 
connected to communicate with the CMS including a second interface to read data from the 
plurality of tokens and to write data to the plurality of tokens. Claim 1 1 also recites that the 
CMS generates a unique public/private key pair for each token and stores each token ID number 
and corresponding token public key in the directory/database and stores each token private key in 
its respective token. Claim 1 1 further recites that a Tokenizing Officer utilizes the terminal in 
badging facility to forward a unique ED number of the user to which a particular token is to be 
issued along with the unique ID number of the particular token to the CMS and wherein the 
CMS binds the unique ID number of the user to the particular token ID number by storing the 
correspondence there between in the directory/database, wherein the Tokenizing Officer 
comprises a person. 

Neither Burn nor Carlsson teaches or suggests that a Tokenizing Officer utilizes a 
terminal in a badging facility to forward a unique ID number of the user to which a particular 
token is to be issued along with a unique ED number of the particular token to a CMS, wherein 
the Tokenizing Officer comprises a person, as recited in claim 1 1. As stated above with respect 
to claim 1, Burn does not teach or suggest a Tokenizing Officer. Additionally, as stated above 
with respect to claim 1, Carlsson discloses only that user information and a validity periods are 
required to create a certificate (See Carlsson, Col. 8, Lines 27-30). Carlsson does not teach or 
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suggest a Tokenizing Officer utilizing a terminal to forward a unique ID of a particular token to a 
CMS, as recited in claim 1 1 . Therefore, taken individually or in combination Burn and Carlsson 
do not teach or suggest that that a Tokenizing Officer utilizes the terminal in the badging facility 
to forward a unique ED number of a user to which a particular token is to be issued along with a 
unique ED number of the particular token to a CMS and wherein the CMS binds the unique ED 
number of the user to the particular token ID number by storing the correspondence there 
between in a directory/database, wherein the Tokenizing Officer comprises a person, as recited 
in claim 1 1 . Accordingly, Burn taken in view of Carlsson does not teach or suggest each and 
every element of claim 1 1 . Thus, Burn taken in view of Carlsson does not make claim 1 1 
obvious, and claim 1 1 should be patentable over the cited art. 

Claims 12-20 depend either directly or indirectly from claim 12, and are not made 
obvious by the cited art for at least the same reasons as claim 12, and for the specific elements 
recited therein. Accordingly, claims 12-20 should be patentable over the cited art. 

Additionally, claim 13 recites that a CMS checks for redundant tokens and revokes any 
such user tokens. In the system recited in claim 13, each user can possess, at most, one token. 
As stated above with respect to claim 3, nothing in Burn teaches or suggests that a user cannot 
possess more than one hardware token. Additionally, nothing in Carlsson teaches nor suggests 
that a user cannot possess more than one personalized card. Therefore, taken individually or in 
combination, Burn and Carlsson do not teach or suggest each and every element of claim 13. 

For the reasons described above, claims 1 and 3-20 should be patentable over the cited 
art. Accordingly, withdrawal of this rejection is respectfully requested. 
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CONCLUSION 



In view of the foregoing remarks, Applicant's representative respectfully submits that the 
present application is in condition for allowance. Applicant's representative respectfully requests 
reconsideration of this application and that the application be passed to issue. 

Please charge any deficiency or credit any overpayment in the fees for this amendment to 
our Deposit Account No. 20-0090. 



Respectfully submitted, 
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